WordPress 3.0 Walkthrough: Multsite Multisite is the most talked about new feature in WordPress 3.0 – the WordPress team has folded the functionality of WordPress Multiuser into the main WordPress project. So how do you use it? This tutorial assumes your are comfortable using FTP clients such as Filezilla and doing basic edits of WordPress files. 1. Download WordPress 3.0 release candidate. You can find it here. 2. Edit wp-config in your favorite text editor and add the following line: define(‘WP_ALLOW_MULTISITE’, true); (I’d suggest adding it just above the line “// ** MySQL settings – You can get this info from your web host ** //”) 3. Install WordPress normally NOTE: If you’ve already installed WordPress 3.0, just edit wp-config and add that line of code, there’s no need to re-install. 4. Under Tools on the sidebar, you’ll now have an “Network” option. Click it. 5. Here you’ll setup your […]

These WordPress themes may be tiny, but they pack a big visual punch. These themes are great for sites with audiences with limited access to broadband, or any blog that wants to focus on speed and clean design. Baughxie – a polished but very lightweight two column theme. Mini – Minimal and elegant three column theme. Simple Green – Very professional and very fast. R755 – Simple yet sophisticated. Can be either two or three columns. Swift – This is actually more of a theme framework than a theme. It has a theme options page with layout, font, and color options. Nicely done.

Perennial Weblog Tools Collection community favorite Who Sees Ads can be used to show ads only to certain visitors – such as people who have arrived on your site from a search engine. It’s a useful way to improve your click-through-ratio, and please your regular readers by hiding ads from them. This is a quick introduction to using the plugin. Showing ads only to search engine visitors is extremely simple – Who Sees Ads can do much, much more. Check out the links at the end of this article for more information. NOTE: Although the plugin says it’s for WordPress 2.5, it works fine with WordPress 2.92. I haven’t been able to test it with 3.0 yet because I don’t have any 3.0 test sites indexed in any search engines yet. Anyone else know if it works with 3.0? If you don’t want to do this with a plugin, you […]

The three components of information security are: Confidentiality, Integrity and Availability (CIA). If you’ve followed the steps my previous tutorial, you’ll have come a long way towards ensuring all three. But you’ll always need to keep an eye on things – remember, no site is hack proof. Here are some tools to verify the integrity of your data. These plugins will not protect your site from attacks, they will only help you monitor your site and diagnose problems. I have not tested any of these with the latest WordPress 3.0 beta. Monitoring In my first article on WordPress security I mentioned Open Source Tripwire as an option for monitoring your WordPress install for unexpected changes. A reader pointed out that it wasn’t the best solution since it’s no longer maintained and suggested a couple other alternatives. Since then, I’ve discovered a much easier way of monitoring your WP install: WordPress […]

I’ve seen a lot of “Best WordPress Plugins” lists, and there’s usually a lot of overlap on them. You don’t need me to tell you about Platinum SEO Pack, Simple Tags, and WP Super Cache. Here are a few plugins that I think deserve more attention. These will probably be more useful to power-users who really want to tweak their WordPress site, but I encourage everyone to get their hands dirty every once and a while and get creative with their installs. Unless otherwise noted, these should work with with both WordPress 2.92 and WordPress 3.0. Widget Logic This gives every widget an extra field in which you can specify WP’s conditional tags. What this means is that you can have certain widgets appear on certain pages but not others. For example, I have my blogroll set to only appear on my front page. SEO Friendly Images This plugin can […]

I wrote previously on securing a fresh WordPress install. Today, I’ll cover several WordPress plugins that can be used with fresh or existing WordPress installations to enhance security. I’m not going to cover recovering a hacked site, or exploit scanning tools like Exploit Scanner or WordPress Antivirus in this tutorial.

I emphasized the importance of backing up in my basic security tutorial, but I discovered all of the backup tutorials I found were out of date. So here’s a tutorial on backing up your WordPress database with the terrific WP-DB-Backup plugin. The great thing about this plugin is that you can have it automatically send you backups by e-mail that you can save both to your local computer and optionally store in your Gmail or other web mail account and an additional off-site backup. This tutorial assumes you already know how to install plugins. This tutorial should be forward-compatible with WordPress 3.0

WordPress developers take security very seriously, and many security experts evaluate WordPress’s code for flaws. Security updates are made frequently to keep users safe. However, there are some extra steps you can take to make a fresh installation of WordPress more secure and protect against future attacks. Remember, no system can ever be completely secure, but taking preventative measures can be helpful. Much of this guide is based on the advice from the WordPress Codex article on hardening WordPress, but it is aimed at the WordPress beginner. In future articles, I’ll cover advanced security measures, hardening existing WordPress installs, and recovering hacked WordPress sites. This guide should be relevant for both WordPress 2.92 (the most recent stable release as of this writing) as well as WordPress 3.0. Overview: -Preliminary steps for securing your WordPress install -Changing defaults in WordPress to implement “security by obscurity” -Choosing strong passwords -Installing and configuring […]